08-07-2014
How to automatically store/cache password for kerberos authentication
Hi All,
I am currently writing script to get the details for lot of hosts from jump server. Means each and every time it will ssh to the host and get the information. To achieve that I need to automatically accept the password from Jump server to that main hosts. We are using kerberos password to access the hosts. Pls let me know how to cache the password & accept it automatically ? Pls advice
Regards
Kannan
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
We've configured Kerberos to authenticate AIX 5.3 users with Active Directory and I now have to port an application written in C to the new security model.
Currently, our users can login as normal and running a "klist" command reveals that they have been successfully granted a ticket. ... (2 Replies)
Discussion started by: phykell
2 Replies
2. Linux
Hi,
Anyone can point me a good link to setup IPSec using racoon IKE which uses gssapi_krb authentication method?
I have a debain linux box and Windows 2003R2 system, and I want them to communicate using IPSec.
Thanks,
Emily. (0 Replies)
Discussion started by: egyfan
0 Replies
3. Programming
I am in the process of developing a application that needs to be able to authenticate users details with a kerberos server, which is proving to be rather difficult. There seems to be a lack of good information on how to do this using the MIT kerberos api.
Can anyone point me in the right... (0 Replies)
Discussion started by: mshindo
0 Replies
4. Red Hat
Hi,
I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS.
The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies
5. AIX
I've configured an AIX 5.3 client to use our Windows AD for user authentication via Kerberos.
When I try to ssh to the server using the AD credentials, I eventually get access but not after getting prompted for a password 3 times (which doesn't work) followed by an accepted login on the 4th... (3 Replies)
Discussion started by: jmroderick
3 Replies
6. UNIX for Dummies Questions & Answers
Hi ,
I am trying to authenticate my id on client server with Kerberos and receiving below error
kinit rpagadala@BDC.soft.net
kinit: Cannot contact any KDC for realm 'BDC.soft.net' while getting initial credentials
Please find krb5.conf on the client server configuration which is... (1 Reply)
Discussion started by: Tomlight
1 Replies
7. Shell Programming and Scripting
I am installing Authen::Krb5::Easy and during make test I am getting the follwing error :
kinit not ok 2
error was: could not get initial credentials: Cannot contact any KDC for requested realm
we are stroring krb5.conf in diff location ( not in /etc/krb5.conf) , but, PERL is... (1 Reply)
Discussion started by: talashil
1 Replies
8. IP Networking
RHEL 7.0, IPV6
Scenario:
I have routed specific network using network scripts.
1. "ip -6 route show" shows that route has been added. ( with metric 1024)
2. Ping of the specific IP through that route is successful.
3. Now after few days, for some reason, we see that cache route appears for... (3 Replies)
Discussion started by: msr1981
3 Replies
LEARN ABOUT DEBIAN
nnrp.access
NNRP.ACCESS(5) File Formats Manual NNRP.ACCESS(5)
NAME
nnrp.access - access file for on-campus NNTP sites
DESCRIPTION
The file /etc/news/nnrp.access specifies the access control for those NNTP sites that are not handled by the main InterNetNews daemon
innd(8). The nnrpd(8) server reads it when first spawned by innd.
Comments begin with a number sign (``#'') and continue through the end of the line. Blank lines and comments are ignored. All other lines
should consist of five fields separated by colons:
hosts:perms:username:password:patterns
The first field is a wildmat(3)-style pattern specifying the names or Internet address of a set of hosts. Before a match is checked, the
client's hostname (or its Internet address if gethostbyaddr(3) fails) is converted to lowercase. Each line is matched in turn, and the
last successful match is taken as the correct one.
The second field is a set of letters specifying the permissions granted to the client. The perms should be chosen from the following set:
R The client can retrieve articles
P The client can post articles
The third and fourth fields specify the username and password that the client must use to authenticate themselves before the server will
accept any articles. Note that no authentication (other then a matching entry in this file) is required for newsreading. If they are
empty, then no password is required. Whitespace in these fields will result in the client being unable to properly authenticate themselves
and may be used to disable access.
The fifth field is a set of patterns identifying the newsgroups that the client is allowed to access. The patterns are interpreted in the
same manner as the newsfeeds(5) file. The default, however, denies access to all groups.
The access file is normally used to provide host-level access control for reading and posting articles. There are times, however, when
this is not sufficient and user-level access control is needed. Whenever an NNTP ``authinfo'' command is used, the nnrpd server re-reads
this file and looks for a matching username and password. If the local newsreaders are modified to send the ``authinfo'' command, then all
host entries can have no access and specific users can be granted the appropriate read and post access.
For example:
## host:perm:user:pass:groups
## Default is no access.
*:: -no- : -no- :!*
## FOO hosts have no password, can read anything.
*.foo.com:Read Post:::*
## A related workstation can't access FOO newsgroups.
lenox.foo.net:RP:martha:hiatt:*,!foo.*
If the file contains passwords, it should not be world-readable.
HISTORY
Written by Rich $alz <rsalz@uunet.uu.net> for InterNetNews. This is revision 1.11, dated 1996/09/06.
SEE ALSO
innd(8), newsfeeds(5), nnrpd(8), wildmat(3).
NNRP.ACCESS(5)